UbuntuUpdates.org

Package "whoopsie"

Name: whoopsie

Description:

Ubuntu error tracker submission
Latest version: 0.2.69ubuntu0.3
Release: focal (20.04)
Level: security
Repository: main
Homepage: http://wiki.ubuntu.com/ErrorTracker

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "whoopsie"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "whoopsie" in Focal

Repository Area Version
base main 0.2.69
updates main 0.2.69ubuntu0.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.2.69ubuntu0.3 2021-02-18 11:07:09 UTC

  whoopsie (0.2.69ubuntu0.3) focal; urgency=medium

  * src/whoopsie.c: modify server_response() so that it does not incorrectly
    assume that data is null-terminated and actually use the size of the data.
    (LP: #1914481)

 -- Brian Murray <email address hidden> Thu, 04 Feb 2021 18:37:17 -0800
Source diff to previous version
1914481 use the size of the data when determining the server response

Version: 0.2.69ubuntu0.1 2020-08-04 19:07:06 UTC

  whoopsie (0.2.69ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: integer overflow in bson parsing (LP: #1872560)
    - lib/bson/*: updated to latest upstream release.
    - CVE-2020-12135
  * SECURITY UPDATE: resource exhaustion via memory leak (LP: #1881982)
    - src/whoopsie.c, src/tests/test_parse_report.c: properly handle
      GHashTable.
    - CVE-2020-11937
  * SECURITY UPDATE: DoS via large data length (LP: #1882180)
    - src/whoopsie.c, src/whoopsie.h, src/tests/test_parse_report.c: limit
      the size of a report file.
    - CVE-2020-15570

 -- Marc Deslauriers <email address hidden> Fri, 24 Jul 2020 08:55:26 -0400
1872560 integer overflow in whoopsie 0.2.69
1881982 DoS vulnerability: cause resource exhaustion
1882180 DoS vulnerability: fail to allocate
CVE-2020-12135 bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() par
CVE-2020-11937 RESERVED
CVE-2020-15570 The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denia


About   -   Send Feedback to @ubuntu_updates